TNW Sites

Apple to answer questions after more fraudulent Apps thrive in the App Store

In yet another case of its kind, reports are emerging that users of Apple’s App Store in Japan have had their accounts hacked and used to make fraudulent purchases.

At least 50 customer complaints have been posted to discussion boards on Apple Inc.’s Japanese App Store, claiming their accounts had been hacked to make illicit in-game purchases for a Chinese-made game called Mingzhu Sanguo OL.

The Mainichi Daily News, the English-language version of the country’s national Mainichi Newspaper, carried the report earlier today. The newspaper says:

“The majority of the customers’ complaints state that their Apple IDs and passwords had been used to buy in-game items for Mingzhu Sanguo OL — a game app released in Chinese on April 23 and free for download — with thousands of yen subtracted from money the victims had on their game accounts for later use. Many of the complaints were posted in July, suggesting a growing problem.”

We reported that Apple’s App Store had been hacked earlier this year, when a developer accessed iTunes users’ accounts and purchased their own apps using those accounts thus making it to the top of the iTunes charts. As the story developed, it emerged that this practice was much more widespread than initially feared.

This latest hack seems to have affected mainly users in Japan, and at the time of writing, there were 54 reviews of the game in the app store, and it has 63 1-star ratings, out of a total of 66 ratings.

Whilst the reviews are in Japanese, we arranged for some of the comments from the screenshot above to be roughly translated, and here’s what they say:

1. Just like the people who write review below I had some money taken.

2. Like other people I’ve also had my account accessed and money taken. The same game, the same problem, there’s definitely something going on…

3. The same thing happened to me.

4. My account was accessed at 3pn on July 4th and this game downloaded items for 1000yen.

5. Someone used my Apple ID and bought some paid items.

But looking through the comments (screenshot above), we pulled out some of the more prominent ones. For the record, 1,000 yen is the equivalent of around $12 (USD):

1. On the 5th, 1660 yen was taken. I don’t know why. Please explain and sort it out soon!

2. Me too, 2,220 yen disappeared without me knowing – even though I haven’t installed this app. I’m surprised that there’s so many other people affected by this same app. Please sort it out as soon as possible – and I want my money back!

3. This app that I don’t know has been downloaded. Surprised to see so many other people having the same problem. ¥900 was taken.

4. I contacted Apple and they refunded my money, but according to their rules this is the only time that they’ll do that. Whilst I don’t understand what happened, if you have the same problem contact Apple and see what they’ll do. But I’m wondering where was my ID and password leaked from. My account has now been disabled so I can’t update apps or install any new ones. This is real bad.

5. Just like everyone else someone else’s use my account and taken about ¥1000.

6. my account was somehow accessed on 7 July and ¥1000 taken. I didn’t realise until I got the email from Apple. I want them to do something about this.

On Apple’s UK app store, there was three comments in total relating to the game, one of which claims they were targeted too:

The original Mainichi report from today suggests that the thefts may have been committed by the Anonymous hacker group, however, there is nothing to support this assertion as of yet.

An Apple Japan representative told Mainichi: “We are confirming the details of the situation.” This is the first time in a while Apple has responded to hacking incidents, and if hackers continue to gain access to users’ accounts, it will have to start giving the issue a lot more attention.